services / Google Cloud / Entities

Data objects in Firestore in Datastore mode are known as entities. An entity has one or more named properties, each of which can have one or more values. Properties can store data of various types, including strings, numbers, dates, and binary data. An entity is limited to 1 megabyte when stored. Entities operations are billed per operation and per gigabyte per month.

Permissions to create, edit and delete entities can result in spend towards write, read and storage quotas. Access to Entities storing sensitive information can result in data exfiltration.


datastore.​entities.​update

Entity fields can be deleted by updating the document without fields. this will delete all fields in the entity.

Risks

Scope: HIGH

This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.

Links

  • https:​/​/​cloud.​google.​com/​datastore/​docs/​concepts/​entities
  • https:​/​/​cloud.​google.​com/​datastore/​pricing
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog